Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 and rated CVSS 9.1 (Critical), the issue affects ECE versions 2.5.0 through 3.8.1 and 4.0.0 through 4.0.1. Users are […]

The post Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/elastic-cloud-enterprise-flaw/